@Override public void onTenantInitialActivation(int tenantId) throws StratosException { if (log.isDebugEnabled()) { log.debug("AccountLockTenantMgtListener is fired for Tenant ID : " + tenantId); } try { AccountServiceDataHolder.getInstance().getRealmService().getTenantUserRealm(tenantId). getUserStoreManager().addRole(AccountConstants.ACCOUNT_LOCK_BYPASS_ROLE, null, null, false); } catch (org.wso2.carbon.user.api.UserStoreException e) { log.error(String.format("Error while adding role: %s on Tenant: %d", AccountConstants.ACCOUNT_LOCK_BYPASS_ROLE, tenantId), e); } }
/** * Create a role for the application and assign the user to that role. * * @param applicationName * @throws IdentityApplicationManagementException */ public static void createAppRole(String applicationName, String username) throws IdentityApplicationManagementException { String roleName = getAppRoleName(applicationName); String[] usernames = {username}; try { // create a role for the application and assign the user to that role. if (log.isDebugEnabled()) { log.debug("Creating application role : " + roleName + " and assign the user : " + Arrays.toString(usernames) + " to that role"); } CarbonContext.getThreadLocalCarbonContext().getUserRealm().getUserStoreManager() .addRole(roleName, usernames, null); } catch (UserStoreException e) { throw new IdentityApplicationManagementException("Error while creating application role: " + roleName + " with user " + username, e); } }
/** * Create a internal role in workflow domain with same name as workflow. * * @param workflowName Workflow name * @throws WorkflowException */ public static void createAppRole(String workflowName) throws WorkflowException { String roleName = createWorkflowRoleName(workflowName); String qualifiedUsername = CarbonContext.getThreadLocalCarbonContext().getUsername(); String[] user = {qualifiedUsername}; try { if (log.isDebugEnabled()) { log.debug("Creating workflow role : " + roleName + " and assign the user : " + Arrays.toString(user) + " to that role"); } CarbonContext.getThreadLocalCarbonContext().getUserRealm().getUserStoreManager() .addRole(roleName, user, null); } catch (UserStoreException e) { throw new WorkflowException("Error while creating role", e); } }
/** * Create a internal role in workflow domain with same name as workflow. * * @param workflowName Workflow name * @throws WorkflowException */ public static void createAppRole(String workflowName) throws WorkflowException { String roleName = createWorkflowRoleName(workflowName); String qualifiedUsername = CarbonContext.getThreadLocalCarbonContext().getUsername(); String[] user = {qualifiedUsername}; try { if (log.isDebugEnabled()) { log.debug("Creating workflow role : " + roleName + " and assign the user : " + Arrays.toString(user) + " to that role"); } CarbonContext.getThreadLocalCarbonContext().getUserRealm().getUserStoreManager() .addRole(roleName, user, null); } catch (UserStoreException e) { throw new WorkflowException("Error while creating role", e); } }
/** * Create a internal role in workflow domain with same name as workflow. * * @param workflowName Workflow name * @throws WorkflowException */ public static void createAppRole(String workflowName) throws WorkflowException { String roleName = createWorkflowRoleName(workflowName); String qualifiedUsername = CarbonContext.getThreadLocalCarbonContext().getUsername(); String[] user = {qualifiedUsername}; try { if (log.isDebugEnabled()) { log.debug("Creating workflow role : " + roleName + " and assign the user : " + Arrays.toString(user) + " to that role"); } CarbonContext.getThreadLocalCarbonContext().getUserRealm().getUserStoreManager() .addRole(roleName, user, null); } catch (UserStoreException e) { throw new WorkflowException("Error while creating role", e); } }
RealmService realmService = IdentityWorkflowDataHolder.getInstance().getRealmService(); UserRealm userRealm = realmService.getTenantUserRealm(tenantId); userRealm.getUserStoreManager().addRole(roleName, users, permissions); } catch (UserStoreException e) {
/** * Create a role for the application and assign the user to that role. * * @param applicationName * @throws IdentityApplicationManagementException */ public static void createAppRole(String applicationName, String username) throws IdentityApplicationManagementException { String roleName = getAppRoleName(applicationName); String[] usernames = {username}; try { // create a role for the application and assign the user to that role. if (log.isDebugEnabled()) { log.debug("Creating application role : " + roleName + " and assign the user : " + Arrays.toString(usernames) + " to that role"); } if (CarbonContext.getThreadLocalCarbonContext().getUserRealm().getUserStoreManager(). isExistingRole(roleName)) { String errorMsg = "Application registration failed. The application role \'" + roleName + "\' already exists."; log.error(errorMsg); throw new IdentityApplicationRegistrationFailureException(errorMsg); } CarbonContext.getThreadLocalCarbonContext().getUserRealm().getUserStoreManager() .addRole(roleName, usernames, null); } catch (UserStoreException e) { throw new IdentityApplicationManagementException("Error while creating application role: " + roleName + " with user " + username, e); } }
/** * Add permissions to the appmgt/applicationdata collection for given role. * * @param roleName * @throws org.wso2.carbon.appmgt.api.AppManagementException */ public static void addNewRole(String roleName, Permission[] permissions, org.wso2.carbon.user.api.UserRealm userRealm) throws AppManagementException { // TODO: Merge different resource loading methods and create a single method. try { String tenantAdminName = userRealm.getRealmConfiguration().getAdminUserName(); String[] userList = new String[]{tenantAdminName}; String[] existingRoles = userRealm.getUserStoreManager().getRoleNames(); boolean roleExists = false; for(String role : existingRoles){ if(role.equalsIgnoreCase(roleName)){ roleExists = true; break; } } if(!roleExists) { userRealm.getUserStoreManager().addRole(roleName, userList, permissions); } } catch (UserStoreException e) { throw new AppManagementException("Error while adding new role : " + roleName, e); } }
userStoreManager.addRole(roleName, user, null);
String superTenantName = ServiceReferenceHolder.getInstance().getRealmService().getBootstrapRealmConfiguration().getAdminUserName(); String[] userList = new String[]{superTenantName}; manager.addRole(role, userList, subscriberPermissions);
if (!userStore.isExistingRole(IdentityConstants.IDENTITY_DEFAULT_ROLE)) { Permission permission = new Permission("/permission/admin/login", UserMgtConstants.EXECUTE_ACTION); userStore.addRole(IdentityConstants.IDENTITY_DEFAULT_ROLE, null, new Permission[]{permission}, false);
getRealmService().getTenantUserRealm(tenantId).getRealmConfiguration().getAdminUserName(); String[] userList = new String[]{tenantAdminName}; manager.addRole(roleName, userList, subscriberPermissions);
.getAdminUserName(); String[] userList = new String[] { tenantAdminName }; manager.addRole(role, userList, subscriberPermissions);
manager.addRole(roleName, new String[]{csgUserName}, null);
userStoreManager.addRole(IdentityRecoveryConstants.SELF_SIGNUP_ROLE, null, new Permission[]{permission});